Threat model: explain dangling countermeasures

Signed-off-by: Janos Follath <janos.follath@arm.com>
diff --git a/SECURITY.md b/SECURITY.md
index c6345d6..95e549f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -110,3 +110,16 @@
 Mbed TLS doesn't offer any security guarantees against physical attacks. If
 physical attacks are present in a use case or a user application's threat
 model, it needs to be mitigated by physical countermeasures.
+
+### Caveats
+
+#### Out of scope countermeasures
+
+Mbed TLS has evolved organically and a well defined threat model hasn't always
+been present. Therefore, Mbed TLS might have countermeasures against attacks
+outside the above defined threat model.
+
+The presence of such countermeasures don't mean that Mbed TLS provides
+protection against a class of attacks outside of the above described threat
+model. Neither does it mean that the failure of such a countermeasure is
+considered a vulnerability.
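Review bot: Subject-verb agreement in the second new paragraph: "The presence of such countermeasures don't mean" should read "The presence of such countermeasures doesn't mean" (the subject is "presence"). The compound modifiers would also read more cleanly hyphenated or reordered: "a well-defined threat model", "outside the threat model defined above", and "outside of the threat model described above". Since the last sentence ("Neither does it mean that the failure of such a countermeasure is considered a vulnerability") is the statement users need most when deciding what to report, consider making it the opening sentence of that paragraph rather than its tail.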